From bec9f48a02fad545ed9af677182fa2a8bf78bbbe Mon Sep 17 00:00:00 2001
From: einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46>
Date: Mon, 5 Mar 2007 00:53:54 +0000
Subject: commenting out if expression branch in template parser pending
 rewrite in 1.3

git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/branches/1.2@846 4979c152-3d1c-0410-bac9-87ea11338e46
---
 LedgerSMB/Form.pm | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

(limited to 'LedgerSMB')

diff --git a/LedgerSMB/Form.pm b/LedgerSMB/Form.pm
index af8deae5..7c4cdc23 100755
--- a/LedgerSMB/Form.pm
+++ b/LedgerSMB/Form.pm
@@ -760,15 +760,18 @@ sub parse_template {
 			chop;
 			s/.*?<\?lsmb if (.+?) \?>/$1/;
 
-			if (/\s/) {
-				@args = split;
-				if ($args[1] !~ /^(==|eq|>|gt|>|lt|>=|ge|le|<=|ne|!=)$/){
-					$self->error("Unknown/forbidden operator");
-				}
-				$ok = eval "$self->{$args[0]} $args[1] $args[2]";
-			} else {
+			# commenting this out for security reasons.  If needed,
+			# please uncomment.  Functionality below will be in 1.3
+			# Chris Travers
+			#if (/\s/) {
+			#	@args = split;
+			#	if ($args[1] !~ /^(==|eq|>|gt|>|lt|>=|ge|le|<=|ne|!=)$/){
+			#		$self->error("Unknown/forbidden operator");
+			#	}
+			#	$ok = eval "$self->{$args[0]} $args[1] $args[2]";
+			#} else {
 				$ok = $self->{$_};
-			}
+			#}
 
 			if ($ok) {
 				while ($_ = shift) {
-- 
cgit v1.2.3